News


Bitdefender won AV-Comparatives' Product of the Year award after earning the Advanced+ rating in tests throughout 2017 covering the categories of Real World Protection, Performance, Malware Protection, False Alarms and Malware...

Bitdefender, a leading global cybersecurity technology company protecting 500 million users worldwide, has appointed Andrew Philpott as Vice President of Enterprise Sales, Europe, the Middle East, and Africa (EMEA). Philpott’s...

Bitdefender, a leading global cybersecurity technology company protecting 500 million users worldwide, has appointed Joe Sykora, a 21-year veteran of the security industry, as Vice President of Worldwide Channel Development, continuing...

Bitdefender, a leading cybersecurity technology company protecting 500 million users worldwide, and NETGEAR, Inc. (NASDAQ:NTGR), a global networking company that delivers innovative products to consumers, businesses and service providers, announced...

Resources Library

White Papers

Bitdefender researchers have uncovered an emerging botnet that uses advanced communication techniques to exploit victims and build its infrastructure. The bot, dubbed HNS, was intercepted by our IoT honeypot system following a credentials dictionary attack on the Telnet service.

The bot was first spotted on Jan. 10, then faded away in the following days, only to re-emerge on Jan. 20 in a significantly improved form.

This whitepaper tells the story of a custom-built piece of malware that we have been monitoring for several months as it wrought havoc in Asia.

Our threat intelligence systems picked up the first indicators of compromise in July last year, and we have kept an eye on the threat ever since.

This whitepaper takes an in-depth look at the attack chain, the infrastructure used by the threat actors, the malware subdomains they control and the payloads delivered on the targeted systems, as well as other telltale signs of a possible return of the Iron Tiger APT.

This whitepaper is a technical analysis of Terdot, a banker Trojan that derives inspiration from the 2011 Zeus source code leak. Highly customized and sophisticated, Terdot can operate a MITM proxy, steal browsing information such as login credentials and stored credit card information, and inject HTML code into visited Web pages.

The DarkHotel threat actors have been known to operate for a decade now, targeting thousands of businesses across the world via Wi-Fi infrastructure in hotels.

This whitepaper covers a sample of a particular DarkHotel attack, known as Inexsmar. Unlike other known DarkHotel campaigns, the isolated sample uses a new payload delivery mechanism rather than the established zero-day exploitation techniques. Instead, the new campaign blends social engineering with a relatively complex Trojan to infect its selected pool of victims.

Ransomware, the most prolific cyber threat of the moment, gains a foothold in organizations and companies via file-sharing networks, e-mail attachments, malicious links or compromised websites that allow direct downloads. The first quarter of 2016 saw 3,500% growth in the number of ransomware domains created, setting a new record.

VDI offers employees and employers many benefits, no matter the size of the organization. However, as with any environment, security should always play a pivotal role and should complement the business environment. With VDI it’s no different; security should be seamless, without any effect on the user experience.

Virtualization offers many benefits, but also raises additional performance issues in areas of security. This raises the question: is virtualization security counterproductive? Moreover, do the currently available security solutions impact some of the benefits offered by virtualization, creating bottlenecks and additional issues in virtualized environments as compared to physical server environments?

To accelerate the business benefits enabled by virtualization, companies must not overlook security. However isolated and self-contained, virtual containers are still vulnerable to increasingly sophisticated malicious attacks carried out by dedicated networks of cybercriminals. The larger the virtualized environment, the more challenging it can become to efficiently secure virtual machines.

IT has evolved immensely over the past decade, always adapting to become faster, more agile, and more efficient. Unfortunately, security threats have evolved as well, and are stealthier, more intelligent, and more malicious than ever before.

Virtual machines in a cloud environment are as susceptible to nefarious exploitation – where sensitive data is highly valuable – as physical machines. The same exposure profile exists regardless of the underlying platform (traditional physical, virtualized, private cloud or public cloud). Although traditional security can be used in the cloud, it is neither built nor optimized for the cloud.